Re: access-list split-tunnel

Salehzwy60270 · ‎06-11-2020

when connect using anyconnect, im unable to access other remote network

local network 172.16.10.0/32

remote site 10.0.0.0/16

balaji.bandi · ‎06-11-2020

Can you explain more what is the issue here ?

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Salehzwy60270 · ‎06-11-2020

when I connect to cisco ASA using anyconnect client, I need to access on-premise network plus another remote site.

I can connect Ok to local network but I cannot connect to the remote site

balaji.bandi · ‎06-11-2020

When you say the remote site, is inside your network - From Local Lan you have access to these networks?

Do you have ACL rule for your Any connect IP range to access those IP addresses from your network?

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Salehzwy60270 · ‎06-14-2020

anyconnect------>local network------------>site-to-site vpn

172.16.10.50---->172.16.10.0/24---------->10.0.0.0/16

access-list split-tunnel standard permit 172.16.10.0 255.255.255.0
access-list split-tunnel standard permit host 0.0.0.0

Richard Burts · ‎07-12-2020

We do not have much detail to work with on this issue. But based on the little that we are told my first guess is that the site to site vpn does not include the AnyConnect address pool to the remote site subnet as traffic included for the site to site vpn. If you think this is not the issue then please provide additional details.

HTH

Rick